WordPress, Magento, and OpenCart new vulnerability

Hackernews ran the story “New Credit Card Skimmer Targets WordPress, Magento, and OpenCart Sites” last year, and this morning it has https://thehackernews.com/2025/01/wordpress-skimmers-evade-detection-by.html. There are distinct similarities (WordPress e-commerce sites, and hackers trying to steal credit card numbers online).

It is an issue because the malware hides itself and can stay on the website to steal (skim) credit card numbers. Here are some relevant facts:

“According to Sucuri, the latest campaign entails making malicious modifications to the checkout PHP file associated with the WooCommerce plugin for WordPress (“form-checkout.php”) to steal credit card details.

“For the past few months, the injections have been changed to look less suspicious than a long obfuscated script,” security researcher Ben Martin said, noting the malware’s attempt to masquerade as Google Analytics and Google Tag Manager.”

Yes, we saw this type of vulnerability before (last year in June). Unfortunately the initial issues were not fully resolved, and so the hackers continue to exploit this kind of attack.
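The Sucuri finding quoted above is a modification to a specific plugin file, which is exactly what a file-integrity check catches. The script below is an added example, not code from The Hacker News, Sucuri, Wordfence or WooCommerce: it hashes the PHP and JavaScript files under a wp-content directory, stores the hashes as a baseline, and later reports files that were modified, added or removed. The checkout template path is the one in a stock WooCommerce install; the directory tree in `demo()` is constructed for the example and the "modification" is simply an appended comment line.

```python
"""Added example: file-integrity baseline for a WordPress install.

Not code from The Hacker News, Sucuri, Wordfence or WooCommerce. It records
SHA-256 hashes of PHP and JavaScript files under wp-content and later reports
files that were modified, added or removed, which is how an edit to the
WooCommerce checkout template (form-checkout.php) would surface.
"""
import hashlib
import json
import tempfile
from pathlib import Path

# Location of the checkout template inside a stock WooCommerce plugin directory.
CHECKOUT_TEMPLATE = "plugins/woocommerce/templates/checkout/form-checkout.php"


def hash_file(path: Path) -> str:
    """SHA-256 of a file, read in chunks so large files are not loaded whole."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_baseline(root: Path, suffixes=(".php", ".js")) -> dict:
    """Map each PHP/JS file under root (relative, POSIX-style path) to its hash."""
    return {
        p.relative_to(root).as_posix(): hash_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file() and p.suffix in suffixes
    }


def save_baseline(baseline: dict, dest: Path) -> None:
    """Persist the baseline; in practice keep it outside the web root and read-only."""
    dest.write_text(json.dumps(baseline, indent=2, sort_keys=True))


def load_baseline(src: Path) -> dict:
    return json.loads(src.read_text())


def compare(baseline: dict, current: dict) -> dict:
    """Diff two baselines into modified / added / removed file lists."""
    return {
        "modified": sorted(k for k in baseline if k in current and baseline[k] != current[k]),
        "added": sorted(k for k in current if k not in baseline),
        "removed": sorted(k for k in baseline if k not in current),
    }


def demo() -> dict:
    """Constructed wp-content tree: baseline it, change files, re-check."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        checkout = root / CHECKOUT_TEMPLATE
        checkout.parent.mkdir(parents=True)
        checkout.write_text("<?php\n// constructed stand-in for the real template\n")
        (root / "plugins/woocommerce/readme.txt").write_text("not php/js, so ignored\n")
        baseline_file = root / "baseline.json"  # .json, so it is not hashed itself
        save_baseline(build_baseline(root), baseline_file)

        # Constructed changes standing in for what the check should catch:
        # the checkout template edited in place, and a new PHP file dropped in.
        with checkout.open("a") as fh:
            fh.write("// modified after the baseline was taken\n")
        (root / "plugins/woocommerce/extra.php").write_text("<?php\n// new file\n")

        return compare(load_baseline(baseline_file), build_baseline(root))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Run `build_baseline` against the real `wp-content` directory right after a clean install or update, store the result somewhere the web server cannot write, and re-run `compare` on a schedule; any entry under "modified" for a checkout or payment template deserves a look before anything else.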

The Kinsta website explains some of the details of the WordPress problems in this link.

The problem is that many plugins are developed by many different people, and some of them are not secure. The hackers take advantage of this. There are multiple ways to reduce the risk; installing Wordfence is one.

From the Wordfence link:  “WordPress security requires a team of dedicated analysts researching the latest malware variants and WordPress exploits, turning them into firewall rules and malware signatures, and releasing those to customers in real-time. Wordfence is widely acknowledged as the number one WordPress security research team in the World. Our plugin provides a comprehensive suite of security features, and our team’s research is what powers our plugin and provides the level of security that we are known for.”

Wordfence is a kind of firewall and anti-virus all-in-one for your WordPress website. It scans your site for known malware, and just like regular anti-virus it is only as good as the signatures it has.

Another way to reduce risk is to change some of the default control files (this is catalogued in the Kinsta link).

Remove any plugin or theme you are not using, because every plugin has to be upgraded for bug fixes and security issues. Update plugins on a regular basis (which means logging into WordPress frequently and updating plugins as needed).

Another aspect is to limit the number of people with access to the admin account, or to any administrator account.
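The two housekeeping steps above (remove unused plugins, keep the rest updated, keep the administrator list short) can be turned into a quick report from WP-CLI output. The script below is an added example, not WordPress, WP-CLI or Wordfence code: it assumes the JSON shapes that `wp plugin list --format=json` and `wp user list --format=json` produce (fields name/status/update/version and ID/user_login/roles), the two inputs are constructed samples with placeholder versions, and the admin threshold `MAX_ADMINS` is an assumed policy value rather than a WordPress setting.

```python
"""Added example: plugin and administrator hygiene report from WP-CLI output.

Not WordPress, WP-CLI or Wordfence code. Assumes the JSON shapes produced by
`wp plugin list --format=json` and `wp user list --format=json`; the inputs
below are constructed samples, not real site data.
"""
import json

# Constructed sample of `wp plugin list --format=json` output (versions are placeholders).
SAMPLE_PLUGINS = json.dumps([
    {"name": "woocommerce", "status": "active", "update": "available", "version": "0.0.0"},
    {"name": "wordfence", "status": "active", "update": "none", "version": "0.0.0"},
    {"name": "old-gallery", "status": "inactive", "update": "available", "version": "0.0.0"},
    {"name": "hello", "status": "inactive", "update": "none", "version": "0.0.0"},
])

# Constructed sample of `wp user list --format=json` output (only the fields used here;
# `roles` is a comma-separated string in WP-CLI output).
SAMPLE_USERS = json.dumps([
    {"ID": 1, "user_login": "owner", "roles": "administrator"},
    {"ID": 2, "user_login": "editor1", "roles": "editor"},
    {"ID": 3, "user_login": "contractor", "roles": "administrator"},
    {"ID": 4, "user_login": "former-dev", "roles": "administrator"},
])

MAX_ADMINS = 2  # assumed policy threshold for this example, not a WordPress setting


def hygiene_report(plugins_json: str, users_json: str, max_admins: int = MAX_ADMINS) -> dict:
    """Flag inactive plugins (remove), active plugins with pending updates (update),
    and list administrator accounts against the allowed maximum."""
    plugins = json.loads(plugins_json)
    users = json.loads(users_json)

    # Inactive plugins still ship code that must be patched; the advice is to remove them.
    remove_candidates = sorted(p["name"] for p in plugins if p["status"] == "inactive")
    # Active plugins with an update available are the ones to update now.
    update_needed = sorted(
        p["name"] for p in plugins if p["status"] == "active" and p["update"] == "available"
    )
    administrators = sorted(
        u["user_login"] for u in users if "administrator" in u["roles"].split(",")
    )
    return {
        "remove_candidates": remove_candidates,
        "update_needed": update_needed,
        "administrators": administrators,
        "too_many_admins": len(administrators) > max_admins,
    }


if __name__ == "__main__":
    print(json.dumps(hygiene_report(SAMPLE_PLUGINS, SAMPLE_USERS), indent=2))
```

On a real site you would feed the script the output of the two WP-CLI commands instead of the samples; an entry such as `former-dev` in the administrator list is the kind of leftover account the paragraph above is about.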

Contact us to discuss your WordPress websites.